1089 matches found
Ubuntu: Security Advisory (USN-7623-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Cloud Pak for Data is vulnerable to to Cross-Site Request Forgery (CSRF) due to insecure debugger access in Werkzeug ( CVE-2024-34069)
Summary Potential vulnerabilities in Werkzeug has been identified that may affect IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-34069 DESCRIPTION: Werkzeug is a comprehensive WSGI web application library. The debugger in affected version...
Dell Wyse Management Suite < 5.2 Multiple Vulnerabilities (DSA-2025-226)
The version of Dell Wyse Management Suite installed on the remote host is prior to 5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the DSA-2025-226 advisory, including: - Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Absolute Path Traversal...
CVE-2025-36580
Dell Wyse Management Suite (WMS) before version 5.2 is affected by CVE-2025-36580 due to improper input neutralization during web page generation, enabling cross-site scripting. The vulnerability affects WMS when handling web requests from remote attackers with high privileges; exploitation could...
CVE-2023-25015
Clockwork Web before 0.1.2, when Rails before 5.2 is used, allows CSRF...
WordPress plugin Crossword Compiler Puzzles 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A code issue vulnerability...
PT-2025-22822 · Thehive · Thehive
Name of the Vulnerable Software and Affected Versions: TheHive versions 5.2.0 through 5.2.15 TheHive versions 5.3.0 through 5.3.10 TheHive versions 5.4.0 through 5.4.9 TheHive versions 5.5.0 Description: A Server-Side Request Forgery SSRF issue allows remote authenticated attackers with admin...
CVE-2022-30517
Mogu blog 5.2 is vulnerable to Cross Site Scripting XSS...
CVE-2020-23520
imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality...
CVE-2020-25790
Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the behavior "contradicts our security policy" and is being...
CVE-2019-8510
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout...
CVE-2019-8516
A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted string may lead to a denial of service...
CVE-2019-8541
A privacy issue existed in motion sensor calibration. This issue was addressed with improved motion sensor processing. This issue is fixed in iOS 12.2, watchOS 5.2. A malicious app may be able to track users between installs...
CVE-2019-8548
An issue existed where partially entered passcodes may not clear when the device went to sleep. This issue was addressed by clearing the passcode when a locked device sleeps. This issue is fixed in watchOS 5.2. A partially entered passcode may not clear when the device goes to sleep...
CVE-2019-8532
A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in watchOS 5.2, iOS 12.2. A malicious application may be able to access restricted files...
CVE-2019-8514
A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. An application may be able to gain elevated privileges...
CVE-2018-1000854
esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in ESI directive with user specified XSLT that can result in Remote Code Execution. This attack appear to be exploitable vi...
CVE-2003-0784
Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers...
CVE-1999-0363
SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise...
CVE-2025-30475
Dell PowerScale InsightIQ, versions 5.0 through 5.2, contains an improper privilege management vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to elevation of privileges...